Director – Vulnerability and Threat

Nordstrom

**Job Description** Security Engineering The Director, Security Engineering supports the Vulnerability Management, Threat Intelligence,

**Job Description**

Security Engineering

The Director, Security Engineering supports the Vulnerability Management, Threat Intelligence, Patch Management, and Penetration Testing/Red Team functions. These teams work to identify and scope the vulnerabilities in our processes and systems. In this role, you’ll report to the Senior Director of Information Security and Asset Management and be responsible for setting and executing on the engineering and vulnerability security strategy.

Responsibilities

+ Support the teams as they execute on their strategic and operational roadmaps.

+ Encourage regular analysis of disparate data sources using approved tactics, techniques, tools and procedures with a goal of protecting systems and networks.

+ Collaboratively develop vision, roadmaps and plans with security leadership team to expand the program, evaluate tool and process maturity, and provide solutions to close any gaps.

+ Engage customers, partners and internal stakeholders to determine business requirements, technical considerations and strategic objectives.

+ Collaborate with PM, engineering and operations peers to deliver strategic and tactical plans and objectives for the public cloud programs.

+ Strive to continuously improve current vulnerability and asset management assessment coverage depth, quality and capabilities through new services or processes.

+ Serve as a product owner on the scrum team(s) and work with engineers to deliver a quality product on time.

+ Has responsibility for hiring, performance reviews, and terminations with an emphasis on training, motivating, and retaining top employees to ensure a high performing team.

+ Responsible for the effective development and training for team.

+ Self-starter with the ability to make independent decisions and the judgment to know when to seek guidance.

+ Work with teams on identification of security weaknesses and ensuring reasonable resolution timelines

+ Identifies opportunities for iterative improvement in coverage of intelligence and monitoring through existing resources; recommends and works with the team to implements solutions.

+ Strong attention to detail and demonstrated ability to handle sensitive and confidential information and matters.

+ Generates measurement and statistical reports on significant trends and brings all our security relevant data together to allow for full situational awareness

+ This position may be required to perform other related duties as assigned

Basic Qualifications

+ Proven track record of leading detection and vulnerability teams with demonstrated knowledge and competence in security concepts, techniques, tools, methods and practices, and the ability to successfully implement them

+ Proven experience supporting a scanning infrastructure and scanning program for an enterprise

+ Fundamental understanding of risk vs severity

+ Prior experience managing other managers, with strong preference for experience with a geographically distributed team

+ 5-10 years’ experience in security, with 3+ of those years spent in management roles

+ Experience in a cloud / on-premise hybrid infrastructure security

+ Comfort in a multiple operating system environment.

+ Networking concepts related to TCP/IP, switching and routing

+ Security concepts related to routing, DNS, VPN, authentication, and proxy services

+ Ability to foster collaborative, open, working relationships with technology and other stakeholders.

+ Understanding of enterprise, network, system/endpoint, and application-level security issues and risks.

+ Broad understanding of retail business processes, business applications, data flows, and requirements desired.

+ Excellent written and verbal communications, including presentation skills, are important to be successful in this role. Proven ability to effectively communicate with all levels of the organization, as well as with external parties.

+ Assertive and proactive in identifying, communicating, and resolving issues and concerns.

+ CISSP, GPEN, OSCP or equivalent security certification strongly preferred.

+ Wry sense of humor preferred

**We’ve got you covered…**

Our employees are our most important asset and that’s reflected in our benefits. Nordstrom is proud to offer a variety of benefits to support employees and their families, including:

+ Medical/Vision, Dental, Retirement and Paid Time Away

+ Life Insurance and Disability

+ Merchandise Discount and EAP Resources

A few more important points…

The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive. There may be additional duties, responsibilities and qualifications for this job.

Nordstrom will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.

Applicants with disabilities who require assistance or accommodation should contact the nearest Nordstrom location, which can be identified at www.nordstrom.com at http://www.nordstrom.com/ .

Nordstrom Careers Privacy Policy: https://careers.nordstrom.com/#/contact-us/privacy

© 2020 Nordstrom, Inc.

Current Nordstrom employees: To apply, log into Workday, click the Careers button and then click Find Jobs.

We’re a fast-moving fashion company that empowers our people to be innovative, creative and always focused on providing the best service to our customers. The retail industry is rapidly changing, and we have interesting, complex problems to solve every day – from developing cutting-edge technology and opening new stores, to designing fresh, must-have fashion.

Whether you’re a genius engineer, a phenomenal salesperson or a supply chain guru, we invite you to bring your unique talents and join our team. We’ve been on the Fortune™ 100 Best Places to Work list for more than 20 years because we reward great work, promote from within and celebrate diversity.

Our values are the core of who we are. They inspire our employees, delight our customers and bring our business to life every day.

**CUSTOMER OBSESSED**

We strive to know our customers better than anyone else. We listen, anticipate, build trust and move with speed to deliver on their needs.

**OWNERS AT HEART**

We treat every interaction as an opportunity to make an impact and deliver excellence.

**CURIOUS AND EVER CHANGING**

We approach problems with curiosity and create solutions. We unlock potential to be bold, think big and inspire innovation.

**HERE TO WIN**

We’re committed to delivering results, both today and tomorrow. We win as a team by supporting and challenging one another to be better every day.

**WE EXTEND OURSELVES**

We treat each other with respect and kindness. We do the small things that make a big difference. We create a welcoming environment, helping people feel connected, valued and part of one community.

Come on! Join us!

To apply for this job please visit de.jobsyn.org.